OLAF

From LeakDirectory

Jump to: navigation, search

Contents

General Notes

Has OLAF, the European Anti-fraud Office now been reformed, after they persecuted a German journalist Hans-Martin Tillack, trying to get him to reveal his whistleblower sources within their own organisation ?

http://ec.europa.eu/anti_fraud/press_room/pr/2010/03_en.html

In line with the applicable legislation, OLAF has always investigated anonymous reports, but until now had to subject them to stricter preliminary scrutiny in order to prevent abuse. In the process, OLAF investigators regularly face the practical problem of being unable – inevitable with anonymous informants - to ask questions in order to obtain clarification.

This problem is solved by the Fraud Notification System, since the latest technical safeguards both guarantee informants absolute anonymity and at the same time enable them, if they so wish, to enter into dialogue with OLAF investigators. No one, either inside or outside OLAF, can discover the identity of anyone who has opted to remain anonymous. The system operates like a 'blind' letterbox where both parties can drop off messages.

For OLAF investigators, this has the advantage of helping them better to assess the credibility of anonymous reports of corruption and fraud and also makes abuse of the system much more difficult.

At the same time, the system enables potential informants who have so far not dared to contact OLAF to enter into a genuine dialogue with experienced investigators. Although EU staff who report suspicious circumstances and provide evidence are protected against reprisals of any kind, under the current rules of service individual colleagues who are unsure about how allegations of corruption or fraud are assessed might hesitate to contact OLAF. The new system makes it easier for such colleagues them to make contact.

During a pilot phase the Fraud Notification System will be available in English, French, German and Dutch.

Contact Details

website
http://ec.europa.eu/anti_fraud/contact_us/index_en.html
Press inquiries

Communication, PR and Spokesman Unit

Email: olaf-press@ec.europa.eu

Phone: +32-2-298.82.51

General inquiries
telephone: Freephone numbers in each of the 27 European Union countries

http://ec.europa.eu/anti_fraud/freephone/index_en.html

Austria : 0800 295 845

Belgium : 0800 1 24 26

Bulgaria: 00800 01 05 20 04

Denmark : 800 18 495

Finland : 0800 112 595

France : 0800 917 295

Germany : 0800 182 0595

Greece : 00800 321 2595

Ireland : 1 800 553 295

Italy : 800 878 495

Luxembourg : 0800 35 95

Netherlands: 0800 02 245 95

Portugal : 800 832 595

Romania : 0800 895 133

Spain : 900 993 295

Sweden : 02 079 1695

U.K. : 0800 963 595

Countries with the following number: 00800 01 05 20 04 do not have a national free-phone but a Universal International Freephone Number (UIFN). Please verify if your operator supports UIFN

Latvia: 00800 01 05 20 04

Lithuania: 00800 01 05 20 04

Malta : 00800 01 05 20 04

Poland : 00800 01 05 20 04

Slovakia : 00800 01 05 20 04

Slovenia : 00800 01 05 20 04

Cyprus : 00800 01 05 20 04

Czech Republic : 00800 01 05 20 04

Estonia : 00800 01 05 20 04

Hungary : 00800 01 05 20 04

fax: no
email address: olaf-courrier@ec.europa.eu

source: http://ec.europa.eu/anti_fraud/contact_us/index_en.html

Postal Address:

OLAF
European Anti-Fraud Office
European Commission
rue Joseph II, 30
1000 Brussels
Belgium

Social Networking publicity

Twitter

No

FaceBook

No

Blog / RSS

No

Financial Donation methods

Not Applicable - European Union government funded

Currently accepting submissions of whistleblower leaks ?

Yes

Leak Submission Encryption

Digital Certificate fingerprints published on their website:

No

Qualsys SSLLabs SSL Server Test rating:

https://www.ssllabs.com/ssldb/analyze.html?d=fns.olaf.europa.eu

Overall rating: C [52]

Certificate: 100

Protocol Support: 55

Key Exchange: 40

Cipher Strength: 60

Deprecated SSL version 2.0 protocol enabled. Weak 40bit and 56bit cipher key suites enabled. Insecure re-negotiation. Potentially vulnerable to Man-in-the-Middle and cipher strength downgrade attacks.

PGP Public Encryption Key

No

TOR Hidden Service

No

I2P eepsite

No

PrivacyBox.de

No

Hushmail Secure Form

No

Leak Submission Anonymity

TOR users blocked from access

No

3rd Party or persistent tracking cookies

No

CAPTCHA graphics generated from another website e.g. Google Re-Captcha

Does use a CAPTCHA, but this is generated ok from the same secure website as the web form.

Mixed mode non-SSL graphics or style sheets

No

Embedded video clips etc. from another website e.g. YouTube

No

Flash file uploader class

No

Communications / Acknowledgement back to the whistleblower via the website

Acknowledgement of receipt of information

e.g. file upload success indicator - has the leak message or upload actually been received successfully ?

Leak analysis work flow status reporting

Has anyone actually looked at what the whistleblower has submitted ?

Yes, if the Private Mailbox option is used

Private message box

e.g for 2 way communications back to the anonymous whistleblower, asking for clarification, offering advice etc.

Optionally allows a whistleblower to choose their own password and generates a randomly named private mailbox username. This is only enabled a few days after a whistleblower leak submission has been seen by an analyst and the account enabled.

Domain Name Resilience

Domain Name Registrar

europa.eu Luxembourg

Multiple Internet Service Providers, in different legal jurisdictions ?

No

Domain Name Server(s) & jurisdiction(s)

ns1bru.europa.eu [158.169.131.22]

tcbru25.cec.eu.int

ns2bru.europa.eu [158.169.131.32]

ns2eu.bt.net

auth50.ns.be.uu.net

tclux17.cec.eu.int

ns2.nl.ignite.net

ns1lux.europa.eu [158.169.9.11]

tcbru22.cec.eu.int

auth00.ns.be.uu.net

ns2lux.europa.eu [158.169.9.30]

Domain Name Servers in the United Kingdom, Spain, Belgium and Luxembourg

Web Server hosting jurisdiction(s)

fns.olaf.europa.eu [147.67.226.10] is from Luxembourg(LU)


Alternate Domain Name aliases

No

Actual Physical Mirrors of the website:

No

Content available via BitTorrent etc P2P etc.

No

Personal tools